NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity

Weekly Threat Report - 8th May 2020

Cyber security warning issued to organisations in UK and USA

Security agencies in the UK and USA have issued advice to organisations involved in the coronavirus response, after it was revealed that they are being targeted by malicious cyber campaigns. The report, jointly published by the NCSC and the US Cybersecurity and Infrastructure Security Agency (CISA), exposed a large-scale ‘password spraying’ campaign by advanced persistent threat (APT) groups against international healthcare, pharmaceutical, and research organisations. APT groups target such organisations to gather bulk personal information, intellectual property, and intelligence that aligns with national priorities.

Organisations that have been targeted are advised to change any passwords that could be reasonably guessed to one created with three random words, and to implement two-factor authentication to mitigate the risk of compromise. 

You can read the full advisory here, but you may also find the following guidance for businesses useful:

• Defending against password spraying attacks

• Password administration for system owners

• Deny lists for passwords

The recently launched Cyber Aware campaign also provides actionable advice for individuals and their families on how to stay secure online, including how to protect passwords, accounts and devices. 

Microsoft flags known issues ahead of May 2020 Update

In a blog post, Microsoft has detailed the known issues with its upcoming Windows 10 May 2020 update. It does say that these will only affect a small group of users and be fixed in future servicing releases.

The Windows 10 update was planned to be generally released on the 12th May. Windows Latest and other outlets are reporting that this will now be pushed back to the 28th to allow more time for bug fixing.

Support for those organisations running the new update will be available for select Windows 10 Enterprise and Pro editions customers. 

Our advice on evaluating the security impact of IT resources can be found in our Secure development and deployment guidance. We recommend organisations apply feature updates at the earliest opportunity, once sufficiently tested as per our Windows 10 EUD guidance. Organisations should consider if any changes are required to their normal update procedures as a result of increased remote working where support and recovery may be more difficult.

Topics Cyber threat

Personal data

PhishingDevices

Cyber attack

National Cyber Security Centre Weekly Threat Reports

ASKET Cyber Security Resources